Hi,
to add some more information:
I have just seen, that in POST hook in the above code I had auth_get_user instead of post_auth_get_user. I changed that but the problem remains.
I dont´t want users to jump from one to another domain if he is logged in.
I only want to have one User table for all projects. There is no interaction between the sites.
After playing around it looks like the problem lies somewhere in the setting of the session cookie.
In Authenticate.pm in auth_create_session there is
my $url = $IN->param('url');
my $redirect = 0;
if ($CFG->{user_sessions} eq 'Cookies') {
my $session_cookie = $IN->cookie(
-name => $CFG->{user_cookie_prefix} . 's',
-value => $session_id,
-path => '/',
-domain => $CFG->{user_cookie_domain},
-expires => ($remember ? '+10y' : '')
);
if ($url) {
print $IN->redirect(-force => 1, -cookie => [$session_cookie], -url => $url);
$redirect = 1;
}
else {
print $IN->header(-force => 1, -cookie => [$session_cookie]);
}
If a user tries to login with a url the login seems to work whereas the login without url and redirect won´t work.
Thanks
Niko
to add some more information:
I have just seen, that in POST hook in the above code I had auth_get_user instead of post_auth_get_user. I changed that but the problem remains.
I dont´t want users to jump from one to another domain if he is logged in.
I only want to have one User table for all projects. There is no interaction between the sites.
After playing around it looks like the problem lies somewhere in the setting of the session cookie.
In Authenticate.pm in auth_create_session there is
Code:
# Now redirect to another URL and set cookies, or set URL string. my $url = $IN->param('url');
my $redirect = 0;
if ($CFG->{user_sessions} eq 'Cookies') {
my $session_cookie = $IN->cookie(
-name => $CFG->{user_cookie_prefix} . 's',
-value => $session_id,
-path => '/',
-domain => $CFG->{user_cookie_domain},
-expires => ($remember ? '+10y' : '')
);
if ($url) {
print $IN->redirect(-force => 1, -cookie => [$session_cookie], -url => $url);
$redirect = 1;
}
else {
print $IN->header(-force => 1, -cookie => [$session_cookie]);
}
If a user tries to login with a url the login seems to work whereas the login without url and redirect won´t work.
Thanks
Niko